May 23, 2018

No one’s ready for GDPR

The General Data Protection Regulation will go into effect on May 25th, and no one is ready — not the companies and not even the regulators.

After four years of deliberation, the General Data Protection Regulation (GDPR) was officially adopted by the European Union in 2016. The regulation gave companies a two-year runway to get compliant, which is theoretically plenty of time to get shipshape. The reality is messier. Like term papers and tax returns, there are people who get it done early, and then there’s the rest of us.

In today’s meeting with the European Parliament, Mark Zuckerberg said Facebook would be GDPR compliant by the deadline, but if so, the company would be in the minority. “Very few companies are going to be 100 percent...